1) Remove buffer overflow when the number of Driver Binding Protocols increases in the middle of ConnectController()
2) Remove possibility of getting a CR() macro ASSERT() when DisconnectController() is called during a recursive ConnectController() 3) Make sure the DeviceHandle field of the Loaded Image Protocol is always correct 4) Update Loaded Image Protocol logic to guarantee that the DeviceHandle and FilePath fields are correct the image is loaded from a buffer git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@3853 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -74,6 +74,7 @@ LOADED_IMAGE_PRIVATE_DATA mCorePrivateImage = {
|
||||
0, // Machine
|
||||
NULL, // Ebc
|
||||
NULL, // RuntimeData
|
||||
NULL, // DeviceHandleDevicePath
|
||||
};
|
||||
|
||||
|
||||
@@ -644,6 +645,7 @@ Returns:
|
||||
if (!EFI_ERROR (Status)) {
|
||||
FilePathSize = CoreDevicePathSize (HandleFilePath) - sizeof(EFI_DEVICE_PATH_PROTOCOL);
|
||||
FilePath = (EFI_DEVICE_PATH_PROTOCOL *) ( ((UINT8 *)FilePath) + FilePathSize );
|
||||
Image->DeviceHandleDevicePath = CoreDuplicateDevicePath (HandleFilePath);
|
||||
}
|
||||
|
||||
//
|
||||
@@ -656,6 +658,7 @@ Returns:
|
||||
Image->Info.FilePath = CoreDuplicateDevicePath (FilePath);
|
||||
Image->Info.ParentHandle = ParentImageHandle;
|
||||
|
||||
|
||||
if (NumberOfPages != NULL) {
|
||||
Image->NumberOfPages = *NumberOfPages ;
|
||||
} else {
|
||||
@@ -1170,6 +1173,10 @@ Returns:
|
||||
CoreFreePool (Image->Info.FilePath);
|
||||
}
|
||||
|
||||
if (Image->DeviceHandleDevicePath != NULL) {
|
||||
CoreFreePool (Image->DeviceHandleDevicePath);
|
||||
}
|
||||
|
||||
if (Image->FixupData != NULL) {
|
||||
CoreFreePool (Image->FixupData);
|
||||
}
|
||||
|
Reference in New Issue
Block a user